Marown/setup-ipsec-vpn
1
0
Fork 0
mirror of https://github.com/hwdsl2/setup-ipsec-vpn.git synced 2024-06-21 05:06:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Improve Libreswan install

Browse Source 
- Skip downloading and installing Libreswan if the same version
  is already installed.
This commit is contained in:
hwdsl2 2021-08-29 15:12:17 -05:00
parent 217bf2a237
commit df6c02bf95
3 changed files with 116 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
vpnsetup_amzn.sh
View File

@ -184,23 +184,34 @@ get_ikev2_script() {
[ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null [ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
} }
get_libreswan() { check_libreswan() {
bigecho "Downloading Libreswan..."
SWAN_VER=4.5 SWAN_VER=4.5
swan_file="libreswan-$SWAN_VER.tar.gz" ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
swan_url2="https://download.libreswan.org/$swan_file" [ "$swan_ver_old" = "$SWAN_VER" ]
( }
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" get_libreswan() {
) || exit 1 if ! check_libreswan; then
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" bigecho "Downloading Libreswan..."
tar xzf "$swan_file" && /bin/rm -f "$swan_file" swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
(
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2"
) || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
tar xzf "$swan_file" && /bin/rm -f "$swan_file"
else
bigecho "Libreswan $SWAN_VER is already installed, skipping..."
fi
} }
install_libreswan() { install_libreswan() {
bigecho "Compiling and installing Libreswan, please wait..." if ! check_libreswan; then
cd "libreswan-$SWAN_VER" || exit 1 bigecho "Compiling and installing Libreswan, please wait..."
cd "libreswan-$SWAN_VER" || exit 1
cat > Makefile.inc.local <<'EOF' cat > Makefile.inc.local <<'EOF'
WERROR_CFLAGS=-w -s WERROR_CFLAGS=-w -s
USE_DNSSEC=false USE_DNSSEC=false
@ -208,20 +219,21 @@ USE_DH2=true
USE_NSS_KDF=false USE_NSS_KDF=false
FINALNSSDIR=/etc/ipsec.d FINALNSSDIR=/etc/ipsec.d
EOF EOF
if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local
fi fi
NPROCS=$(grep -c ^processor /proc/cpuinfo) NPROCS=$(grep -c ^processor /proc/cpuinfo)
[ -z "$NPROCS" ] && NPROCS=1 [ -z "$NPROCS" ] && NPROCS=1
( (
set -x set -x
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
) )
cd /opt/src || exit 1 cd /opt/src || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
exiterr "Libreswan $SWAN_VER failed to build." exiterr "Libreswan $SWAN_VER failed to build."
fi
fi fi
} }

64
vpnsetup_centos.sh
View File

@ -238,23 +238,34 @@ get_ikev2_script() {
[ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null [ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
} }
get_libreswan() { check_libreswan() {
bigecho "Downloading Libreswan..."
SWAN_VER=4.5 SWAN_VER=4.5
swan_file="libreswan-$SWAN_VER.tar.gz" ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
swan_url2="https://download.libreswan.org/$swan_file" [ "$swan_ver_old" = "$SWAN_VER" ]
( }
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" get_libreswan() {
) || exit 1 if ! check_libreswan; then
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" bigecho "Downloading Libreswan..."
tar xzf "$swan_file" && /bin/rm -f "$swan_file" swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
(
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2"
) || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
tar xzf "$swan_file" && /bin/rm -f "$swan_file"
else
bigecho "Libreswan $SWAN_VER is already installed, skipping..."
fi
} }
install_libreswan() { install_libreswan() {
bigecho "Compiling and installing Libreswan, please wait..." if ! check_libreswan; then
cd "libreswan-$SWAN_VER" || exit 1 bigecho "Compiling and installing Libreswan, please wait..."
cd "libreswan-$SWAN_VER" || exit 1
cat > Makefile.inc.local <<'EOF' cat > Makefile.inc.local <<'EOF'
WERROR_CFLAGS=-w -s WERROR_CFLAGS=-w -s
USE_DNSSEC=false USE_DNSSEC=false
@ -262,20 +273,21 @@ USE_DH2=true
USE_NSS_KDF=false USE_NSS_KDF=false
FINALNSSDIR=/etc/ipsec.d FINALNSSDIR=/etc/ipsec.d
EOF EOF
if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local
fi fi
NPROCS=$(grep -c ^processor /proc/cpuinfo) NPROCS=$(grep -c ^processor /proc/cpuinfo)
[ -z "$NPROCS" ] && NPROCS=1 [ -z "$NPROCS" ] && NPROCS=1
( (
set -x set -x
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
) )
cd /opt/src || exit 1 cd /opt/src || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
exiterr "Libreswan $SWAN_VER failed to build." exiterr "Libreswan $SWAN_VER failed to build."
fi
fi fi
} }

68
vpnsetup_ubuntu.sh
View File

@ -226,23 +226,34 @@ get_ikev2_script() {
[ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null [ -s ikev2.sh ] && chmod +x ikev2.sh && ln -s /opt/src/ikev2.sh /usr/bin 2>/dev/null
} }
get_libreswan() { check_libreswan() {
bigecho "Downloading Libreswan..."
SWAN_VER=4.5 SWAN_VER=4.5
swan_file="libreswan-$SWAN_VER.tar.gz" ipsec_ver=$(/usr/local/sbin/ipsec --version 2>/dev/null)
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz" swan_ver_old=$(printf '%s' "$ipsec_ver" | sed -e 's/.*Libreswan U\?//' -e 's/\( (\|\/K\).*//')
swan_url2="https://download.libreswan.org/$swan_file" [ "$swan_ver_old" = "$SWAN_VER" ]
( }
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2" get_libreswan() {
) || exit 1 if ! check_libreswan; then
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" bigecho "Downloading Libreswan..."
tar xzf "$swan_file" && /bin/rm -f "$swan_file" swan_file="libreswan-$SWAN_VER.tar.gz"
swan_url1="https://github.com/libreswan/libreswan/archive/v$SWAN_VER.tar.gz"
swan_url2="https://download.libreswan.org/$swan_file"
(
set -x
wget -t 3 -T 30 -q -O "$swan_file" "$swan_url1" || wget -t 3 -T 30 -q -O "$swan_file" "$swan_url2"
) || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
tar xzf "$swan_file" && /bin/rm -f "$swan_file"
else
bigecho "Libreswan $SWAN_VER is already installed, skipping..."
fi
} }
install_libreswan() { install_libreswan() {
bigecho "Compiling and installing Libreswan, please wait..." if ! check_libreswan; then
cd "libreswan-$SWAN_VER" || exit 1 bigecho "Compiling and installing Libreswan, please wait..."
cd "libreswan-$SWAN_VER" || exit 1
cat > Makefile.inc.local <<'EOF' cat > Makefile.inc.local <<'EOF'
WERROR_CFLAGS=-w -s WERROR_CFLAGS=-w -s
USE_DNSSEC=false USE_DNSSEC=false
@ -250,28 +261,29 @@ USE_DH2=true
USE_NSS_KDF=false USE_NSS_KDF=false
FINALNSSDIR=/etc/ipsec.d FINALNSSDIR=/etc/ipsec.d
EOF EOF
if ! grep -qs 'VERSION_CODENAME=' /etc/os-release; then if ! grep -qs 'VERSION_CODENAME=' /etc/os-release; then
cat >> Makefile.inc.local <<'EOF' cat >> Makefile.inc.local <<'EOF'
USE_DH31=false USE_DH31=false
USE_NSS_AVA_COPY=true USE_NSS_AVA_COPY=true
USE_NSS_IPSEC_PROFILE=false USE_NSS_IPSEC_PROFILE=false
USE_GLIBC_KERN_FLIP_HEADERS=true USE_GLIBC_KERN_FLIP_HEADERS=true
EOF EOF
fi fi
if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then if ! grep -qs IFLA_XFRM_LINK /usr/include/linux/if_link.h; then
echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local echo "USE_XFRM_INTERFACE_IFLA_HEADER=true" >> Makefile.inc.local
fi fi
NPROCS=$(grep -c ^processor /proc/cpuinfo) NPROCS=$(grep -c ^processor /proc/cpuinfo)
[ -z "$NPROCS" ] && NPROCS=1 [ -z "$NPROCS" ] && NPROCS=1
( (
set -x set -x
make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null make "-j$((NPROCS+1))" -s base >/dev/null && make -s install-base >/dev/null
) )
cd /opt/src || exit 1 cd /opt/src || exit 1
/bin/rm -rf "/opt/src/libreswan-$SWAN_VER" /bin/rm -rf "/opt/src/libreswan-$SWAN_VER"
if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then if ! /usr/local/sbin/ipsec --version 2>/dev/null | grep -qF "$SWAN_VER"; then
exiterr "Libreswan $SWAN_VER failed to build." exiterr "Libreswan $SWAN_VER failed to build."
fi
fi fi
} }